PolicyKit: Branch 'master'
David Zeuthen
david at kemper.freedesktop.org
Sun Feb 8 08:40:34 PST 2009
data/org.freedesktop.PolicyKit1.Authority.xml | 10 ++++++-
src/polkit/polkitauthority.c | 34 +++++++++++++++++-------
src/polkit/polkitauthority.h | 4 ++
src/polkitagent/polkitagentlistener.c | 3 +-
src/polkitbackend/polkitbackendauthority.c | 12 +++++++-
src/polkitbackend/polkitbackendauthority.h | 4 ++
src/polkitbackend/polkitbackendlocalauthority.c | 22 +++++++++++++++
7 files changed, 76 insertions(+), 13 deletions(-)
New commits:
commit 41fbdb3e0802d07eca4c96526d278001d22cb1ff
Author: David Zeuthen <davidz at redhat.com>
Date: Sun Feb 8 11:37:35 2009 -0500
make authentication agents pass a session_id parameter
The session_id has got to be empty for now. The thinking is that in
the future we might want to register an authentication agent that runs
in secure desktop, e.g. a separate session from the user session.
diff --git a/data/org.freedesktop.PolicyKit1.Authority.xml b/data/org.freedesktop.PolicyKit1.Authority.xml
index 711dc4a..2057bd6 100644
--- a/data/org.freedesktop.PolicyKit1.Authority.xml
+++ b/data/org.freedesktop.PolicyKit1.Authority.xml
@@ -198,7 +198,11 @@
</method>
<method name="RegisterAuthenticationAgent">
- <annotation name="org.gtk.EggDBus.DocString" value="Register an authentication agent."/>
+ <annotation name="org.gtk.EggDBus.DocString" value="<para>Register an authentication agent.</para><para>Note that current versions of PolicyKit will only work if @session_id is set to the empty string. In the future it might work for non-empty strings if the caller is sufficiently privileged.</para>"/>
+
+ <arg name="session_id" direction="in" type="s">
+ <annotation name="org.gtk.EggDBus.DocString" value="The session to register the authentication for or blank for the session the caller of the method is in."/>
+ </arg>
<arg name="object_path" direction="in" type="s">
<annotation name="org.gtk.EggDBus.DocString" value="The object path of authentication agent object on the unique name of the caller."/>
@@ -208,6 +212,10 @@
<method name="UnregisterAuthenticationAgent">
<annotation name="org.gtk.EggDBus.DocString" value="Unregister an authentication agent."/>
+ <arg name="session_id" direction="in" type="s">
+ <annotation name="org.gtk.EggDBus.DocString" value="The session identifier passed to org.freedesktop.PolicyKit1.Authority.RegisterAuthenticationAgent()."/>
+ </arg>
+
<arg name="object_path" direction="in" type="s">
<annotation name="org.gtk.EggDBus.DocString" value="The object path of authentication agent object on the unique name of the caller."/>
</arg>
diff --git a/src/polkit/polkitauthority.c b/src/polkit/polkitauthority.c
index aa09c10..24fbd81 100644
--- a/src/polkit/polkitauthority.c
+++ b/src/polkit/polkitauthority.c
@@ -475,6 +475,7 @@ polkit_authority_check_authorization_sync (PolkitAuthority *author
static guint
polkit_authority_register_authentication_agent_async (PolkitAuthority *authority,
+ const gchar *session_id,
const gchar *object_path,
GCancellable *cancellable,
GAsyncReadyCallback callback,
@@ -490,6 +491,7 @@ polkit_authority_register_authentication_agent_async (PolkitAuthority *auth
call_id = _polkit_authority_register_authentication_agent (authority->real,
EGG_DBUS_CALL_FLAGS_NONE,
+ session_id,
object_path,
cancellable,
generic_async_cb,
@@ -501,6 +503,7 @@ polkit_authority_register_authentication_agent_async (PolkitAuthority *auth
/**
* polkit_authority_register_authentication_agent:
* @authority: A #PolkitAuthority.
+ * @session_id: The identifier of the session to register for or %NULL for the session of the caller.
* @object_path: The object path for the authentication agent.
* @cancellable: A #GCancellable or %NULL.
* @callback: A #GAsyncReadyCallback to call when the request is satisfied.
@@ -514,12 +517,14 @@ polkit_authority_register_authentication_agent_async (PolkitAuthority *auth
**/
void
polkit_authority_register_authentication_agent (PolkitAuthority *authority,
+ const gchar *session_id,
const gchar *object_path,
GCancellable *cancellable,
GAsyncReadyCallback callback,
gpointer user_data)
{
polkit_authority_register_authentication_agent_async (authority,
+ session_id,
object_path,
cancellable,
callback,
@@ -566,6 +571,7 @@ polkit_authority_register_authentication_agent_finish (PolkitAuthority *authorit
/**
* polkit_authority_register_authentication_agent_sync:
* @authority: A #PolkitAuthority.
+ * @session_id: The identifier of the session to register for or %NULL for the session of the caller.
* @object_path: The object path for the authentication agent.
* @cancellable: A #GCancellable or %NULL.
* @error: Return location for error or %NULL.
@@ -576,6 +582,7 @@ polkit_authority_register_authentication_agent_finish (PolkitAuthority *authorit
**/
gboolean
polkit_authority_register_authentication_agent_sync (PolkitAuthority *authority,
+ const gchar *session_id,
const gchar *object_path,
GCancellable *cancellable,
GError **error)
@@ -585,6 +592,7 @@ polkit_authority_register_authentication_agent_sync (PolkitAuthority *author
gboolean ret;
call_id = polkit_authority_register_authentication_agent_async (authority,
+ session_id,
object_path,
cancellable,
generic_cb,
@@ -603,6 +611,7 @@ polkit_authority_register_authentication_agent_sync (PolkitAuthority *author
static guint
polkit_authority_unregister_authentication_agent_async (PolkitAuthority *authority,
+ const gchar *session_id,
const gchar *object_path,
GCancellable *cancellable,
GAsyncReadyCallback callback,
@@ -617,11 +626,12 @@ polkit_authority_unregister_authentication_agent_async (PolkitAuthority *au
polkit_authority_unregister_authentication_agent_async);
call_id = _polkit_authority_unregister_authentication_agent (authority->real,
- EGG_DBUS_CALL_FLAGS_NONE,
- object_path,
- cancellable,
- generic_async_cb,
- simple);
+ EGG_DBUS_CALL_FLAGS_NONE,
+ session_id,
+ object_path,
+ cancellable,
+ generic_async_cb,
+ simple);
return call_id;
}
@@ -629,6 +639,7 @@ polkit_authority_unregister_authentication_agent_async (PolkitAuthority *au
/**
* polkit_authority_unregister_authentication_agent:
* @authority: A #PolkitAuthority.
+ * @session_id: The identifier of the session the agent is registered at or %NULL for the session of the caller.
* @object_path: The object path that the authentication agent is registered at.
* @cancellable: A #GCancellable or %NULL.
* @callback: A #GAsyncReadyCallback to call when the request is satisfied.
@@ -642,16 +653,18 @@ polkit_authority_unregister_authentication_agent_async (PolkitAuthority *au
**/
void
polkit_authority_unregister_authentication_agent (PolkitAuthority *authority,
+ const gchar *session_id,
const gchar *object_path,
GCancellable *cancellable,
GAsyncReadyCallback callback,
gpointer user_data)
{
polkit_authority_unregister_authentication_agent_async (authority,
- object_path,
- cancellable,
- callback,
- user_data);
+ session_id,
+ object_path,
+ cancellable,
+ callback,
+ user_data);
}
/**
@@ -693,6 +706,7 @@ polkit_authority_unregister_authentication_agent_finish (PolkitAuthority *author
/**
* polkit_authority_unregister_authentication_agent_sync:
* @authority: A #PolkitAuthority.
+ * @session_id: The identifier of the session the agent is registered at or %NULL for the session of the caller.
* @object_path: The object path that the authentication agent is registered at.
* @cancellable: A #GCancellable or %NULL.
* @error: Return location for error or %NULL.
@@ -703,6 +717,7 @@ polkit_authority_unregister_authentication_agent_finish (PolkitAuthority *author
**/
gboolean
polkit_authority_unregister_authentication_agent_sync (PolkitAuthority *authority,
+ const gchar *session_id,
const gchar *object_path,
GCancellable *cancellable,
GError **error)
@@ -712,6 +727,7 @@ polkit_authority_unregister_authentication_agent_sync (PolkitAuthority *auth
gboolean ret;
call_id = polkit_authority_unregister_authentication_agent_async (authority,
+ session_id,
object_path,
cancellable,
generic_cb,
diff --git a/src/polkit/polkitauthority.h b/src/polkit/polkitauthority.h
index 0ed5647..584e10c 100644
--- a/src/polkit/polkitauthority.h
+++ b/src/polkit/polkitauthority.h
@@ -83,11 +83,13 @@ gboolean polkit_authority_remove_authorization_sync (PolkitAut
GError **error);
gboolean polkit_authority_register_authentication_agent_sync (PolkitAuthority *authority,
+ const gchar *session_id,
const gchar *object_path,
GCancellable *cancellable,
GError **error);
gboolean polkit_authority_unregister_authentication_agent_sync (PolkitAuthority *authority,
+ const gchar *session_id,
const gchar *object_path,
GCancellable *cancellable,
GError **error);
@@ -173,6 +175,7 @@ gboolean polkit_authority_remove_authorization_finish (PolkitA
void polkit_authority_register_authentication_agent (PolkitAuthority *authority,
+ const gchar *session_id,
const gchar *object_path,
GCancellable *cancellable,
GAsyncReadyCallback callback,
@@ -183,6 +186,7 @@ gboolean polkit_authority_register_authentication_agent_finish
GError **error);
void polkit_authority_unregister_authentication_agent (PolkitAuthority *authority,
+ const gchar *session_id,
const gchar *object_path,
GCancellable *cancellable,
GAsyncReadyCallback callback,
diff --git a/src/polkitagent/polkitagentlistener.c b/src/polkitagent/polkitagentlistener.c
index cf20f28..23300a3 100644
--- a/src/polkitagent/polkitagentlistener.c
+++ b/src/polkitagent/polkitagentlistener.c
@@ -102,8 +102,8 @@ server_register (Server *server,
ret = FALSE;
local_error = NULL;
- /* TODO: also pass server->session_id */
if (!polkit_authority_register_authentication_agent_sync (server->authority,
+ server->session_id,
server->object_path,
NULL,
&local_error))
@@ -198,6 +198,7 @@ server_finalize (GObject *object)
error = NULL;
if (!polkit_authority_unregister_authentication_agent_sync (server->authority,
+ server->session_id,
server->object_path,
NULL,
&error))
diff --git a/src/polkitbackend/polkitbackendauthority.c b/src/polkitbackend/polkitbackendauthority.c
index 996e87a..cf5ce04 100644
--- a/src/polkitbackend/polkitbackendauthority.c
+++ b/src/polkitbackend/polkitbackendauthority.c
@@ -391,6 +391,7 @@ polkit_backend_authority_remove_authorization (PolkitBackendAuthority *autho
* polkit_backend_authority_register_authentication_agent:
* @authority: A #PolkitBackendAuthority.
* @caller: The system bus name that initiated the query.
+ * @session_id: The identifier of the session to register for or %NULL for the session of the caller.
* @object_path: The object path for the authentication agent.
* @error: Return location for error or %NULL.
*
@@ -401,6 +402,7 @@ polkit_backend_authority_remove_authorization (PolkitBackendAuthority *autho
gboolean
polkit_backend_authority_register_authentication_agent (PolkitBackendAuthority *authority,
PolkitSubject *caller,
+ const gchar *session_id,
const gchar *object_path,
GError **error)
{
@@ -418,7 +420,7 @@ polkit_backend_authority_register_authentication_agent (PolkitBackendAuthority
}
else
{
- return klass->register_authentication_agent (authority, caller, object_path, error);
+ return klass->register_authentication_agent (authority, caller, session_id, object_path, error);
}
}
@@ -426,6 +428,7 @@ polkit_backend_authority_register_authentication_agent (PolkitBackendAuthority
* polkit_backend_authority_unregister_authentication_agent:
* @authority: A #PolkitBackendAuthority.
* @caller: The system bus name that initiated the query.
+ * @session_id: The identifier of the session the agent is registered at or %NULL for the session of the caller.
* @object_path: The object path that the authentication agent is registered at.
* @error: Return location for error or %NULL.
*
@@ -436,6 +439,7 @@ polkit_backend_authority_register_authentication_agent (PolkitBackendAuthority
gboolean
polkit_backend_authority_unregister_authentication_agent (PolkitBackendAuthority *authority,
PolkitSubject *caller,
+ const gchar *session_id,
const gchar *object_path,
GError **error)
{
@@ -453,7 +457,7 @@ polkit_backend_authority_unregister_authentication_agent (PolkitBackendAuthority
}
else
{
- return klass->unregister_authentication_agent (authority, caller, object_path, error);
+ return klass->unregister_authentication_agent (authority, caller, session_id, object_path, error);
}
}
@@ -956,6 +960,7 @@ authority_manager_handle_remove_authorization (_PolkitAuthorityManager *i
static void
authority_handle_register_authentication_agent (_PolkitAuthority *instance,
+ const gchar *session_id,
const gchar *object_path,
EggDBusMethodInvocation *method_invocation)
{
@@ -968,6 +973,7 @@ authority_handle_register_authentication_agent (_PolkitAuthority *
error = NULL;
if (!polkit_backend_authority_register_authentication_agent (server->authority,
caller,
+ session_id,
object_path,
&error))
{
@@ -986,6 +992,7 @@ authority_handle_register_authentication_agent (_PolkitAuthority *
static void
authority_handle_unregister_authentication_agent (_PolkitAuthority *instance,
+ const gchar *session_id,
const gchar *object_path,
EggDBusMethodInvocation *method_invocation)
{
@@ -998,6 +1005,7 @@ authority_handle_unregister_authentication_agent (_PolkitAuthority
error = NULL;
if (!polkit_backend_authority_unregister_authentication_agent (server->authority,
caller,
+ session_id,
object_path,
&error))
{
diff --git a/src/polkitbackend/polkitbackendauthority.h b/src/polkitbackend/polkitbackendauthority.h
index 80d224e..25c0ce0 100644
--- a/src/polkitbackend/polkitbackendauthority.h
+++ b/src/polkitbackend/polkitbackendauthority.h
@@ -127,11 +127,13 @@ struct _PolkitBackendAuthorityClass
gboolean (*register_authentication_agent) (PolkitBackendAuthority *authority,
PolkitSubject *caller,
+ const gchar *session_id,
const gchar *object_path,
GError **error);
gboolean (*unregister_authentication_agent) (PolkitBackendAuthority *authority,
PolkitSubject *caller,
+ const gchar *session_id,
const gchar *object_path,
GError **error);
@@ -238,11 +240,13 @@ gboolean polkit_backend_authority_remove_authorization (PolkitBackendAuthor
gboolean polkit_backend_authority_register_authentication_agent (PolkitBackendAuthority *authority,
PolkitSubject *caller,
+ const gchar *session_id,
const gchar *object_path,
GError **error);
gboolean polkit_backend_authority_unregister_authentication_agent (PolkitBackendAuthority *authority,
PolkitSubject *caller,
+ const gchar *session_id,
const gchar *object_path,
GError **error);
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index e5b3027..1b981e6 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -192,11 +192,13 @@ static gboolean polkit_backend_local_authority_remove_authorization (PolkitBacke
static gboolean polkit_backend_local_authority_register_authentication_agent (PolkitBackendAuthority *authority,
PolkitSubject *caller,
+ const gchar *session_id,
const gchar *object_path,
GError **error);
static gboolean polkit_backend_local_authority_unregister_authentication_agent (PolkitBackendAuthority *authority,
PolkitSubject *caller,
+ const gchar *session_id,
const gchar *object_path,
GError **error);
@@ -1435,6 +1437,7 @@ authentication_session_cancel (AuthenticationSession *session)
static gboolean
polkit_backend_local_authority_register_authentication_agent (PolkitBackendAuthority *authority,
PolkitSubject *caller,
+ const gchar *session_id,
const gchar *object_path,
GError **error)
{
@@ -1450,6 +1453,15 @@ polkit_backend_local_authority_register_authentication_agent (PolkitBackendAutho
local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
+ if (session_id != NULL && strlen (session_id) > 0)
+ {
+ g_set_error (error,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "The session_id parameter must be blank for now.");
+ goto out;
+ }
+
session_for_caller = polkit_backend_session_monitor_get_session_for_subject (priv->session_monitor,
caller,
NULL);
@@ -1499,6 +1511,7 @@ polkit_backend_local_authority_register_authentication_agent (PolkitBackendAutho
static gboolean
polkit_backend_local_authority_unregister_authentication_agent (PolkitBackendAuthority *authority,
PolkitSubject *caller,
+ const gchar *session_id,
const gchar *object_path,
GError **error)
{
@@ -1513,6 +1526,15 @@ polkit_backend_local_authority_unregister_authentication_agent (PolkitBackendAut
ret = FALSE;
+ if (session_id != NULL && strlen (session_id) > 0)
+ {
+ g_set_error (error,
+ POLKIT_ERROR,
+ POLKIT_ERROR_FAILED,
+ "The session_id parameter must be blank for now.");
+ goto out;
+ }
+
session_for_caller = polkit_backend_session_monitor_get_session_for_subject (priv->session_monitor,
caller,
NULL);
More information about the hal-commit
mailing list